diff --git a/cmd/owl/web/handler.go b/cmd/owl/web/handler.go
index f7d6b2f..3228371 100644
--- a/cmd/owl/web/handler.go
+++ b/cmd/owl/web/handler.go
@@ -67,7 +67,48 @@ func userAuthHandler(repo *owl.Repository) func(http.ResponseWriter, *http.Reque
 notFoundHandler(repo)(w, r)
 return
 }
- html, err := owl.RenderUserAuthPage(user)
+ // get me, cleint_id, redirect_uri, state and response_type from query
+ me := r.URL.Query().Get("me")
+ clientId := r.URL.Query().Get("client_id")
+ redirectUri := r.URL.Query().Get("redirect_uri")
+ state := r.URL.Query().Get("state")
+ responseType := r.URL.Query().Get("response_type")
+
+ // check if request is valid
+ missing_params := []string{}
+ if clientId == "" {
+ missing_params = append(missing_params, "client_id")
+ }
+ if redirectUri == "" {
+ missing_params = append(missing_params, "redirect_uri")
+ }
+ if responseType == "" {
+ missing_params = append(missing_params, "response_type")
+ }
+ if len(missing_params) > 0 {
+ w.WriteHeader(http.StatusBadRequest)
+ w.Write([]byte(fmt.Sprintf("Missing parameters: %s", strings.Join(missing_params, ", "))))
+ return
+ }
+ if responseType != "id" {
+ responseType = "code"
+ }
+ if responseType != "code" {
+ w.WriteHeader(http.StatusBadRequest)
+ w.Write([]byte("Invalid response_type. Must be 'code' ('id' converted to 'code' for legacy support)."))
+ return
+ }
+
+ reqData := owl.AuthRequestData{
+ Me: me,
+ ClientId: clientId,
+ RedirectUri: redirectUri,
+ State: state,
+ ResponseType: responseType,
+ User: user,
+ }
+
+ html, err := owl.RenderUserAuthPage(reqData)
 if err != nil {
 println("Error rendering auth page: ", err.Error())
 w.WriteHeader(http.StatusInternalServerError)
diff --git a/embed/auth.html b/embed/auth.html
index 65ba4bc..56ea3f7 100644
--- a/embed/auth.html
+++ b/embed/auth.html
@@ -1,5 +1,11 @@
+
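Review bot: The legacy mapping in the added validation is inverted: `if responseType != "id" { responseType = "code" }` rewrites every value except `id` to `code`, so the following `!= "code"` check rejects exactly the legacy `id` requests and accepts any other string as `code`; the condition should read `if responseType == "id" {`. Separately, `client_id` and `redirect_uri` are only checked for being non-empty before they are passed to `owl.RenderUserAuthPage`. Unless a later step not visible in this hunk does it, the handler should parse both as URLs and refuse a `redirect_uri` whose scheme and host differ from those of `client_id` (or that the client has not otherwise registered), because an authorization endpoint that redirects to an unvetted URI can deliver the code to a party the user never approved. The enclosing closure in `userAuthHandler` starts before and continues past this hunk, so how the fields of `reqData` are escaped in the template cannot be confirmed from here.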